{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreihbokmsrwipgjxptwvg6wqtgzgiqnzv2ewhqmspokudgmybjpia4a",
    "uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3mmoqnajxjix2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreicjhlq2dnkt7nwg6fgrcc47qyi2jx4ax6lhdv6qmacgvwv544gkhy"
    },
    "mimeType": "image/jpeg",
    "size": 346034
  },
  "path": "/2026/05/lazarus-deploys-remotepe-memory-only.html",
  "publishedAt": "2026-05-25T09:32:54.000Z",
  "site": "https://thehackernews.com",
  "textContent": "Cybersecurity researchers have shed light on a cross-platform malware called RemotePE that has been put to use by the North Korea-linked Lazarus Group in attacks targeting financial and cryptocurrency organizations.\n\nRemotePE, per NCC Group subsidiary Fox-IT, is part of a multi-stage attack chain that involves two loaders tracked as DPAPILoader and RemotePELoader.\n\n\"DPAPILoader decrypts and",
  "title": "Lazarus Deploys RemotePE Memory-Only RAT Against Financial and Crypto Firms"
}